Error: “Your configuration container audit settings may prevent the ‘Who Changed’ field from being reported correctly”

Active Directory
6.5 and older
7.0-8.5
9.0-9.7
9.8
https://kb.netwrix.com/1251
Copy Article URL Copied
  • The Change Summary and the Netwrix Auditor System Health log contain the following warning message:  “Your configuration container audit settings may prevent the ‘Who  Changed’ field from being reported correctly”.
  • Who Changed” field contains the “System” value.

Object-level auditing of the Active Directory Configuration container is not configured for monitoring all possible changes made to Active Directory by any user.


To monitor all possible changes made to Active Directory by any user, you must make sure that auditing of containers is configured properly. Please follow instructions provided in this article: https://helpcenter.netwrix.com/Configure_IT_Infrastructure/AD/AD_Object_Level.html

Go Up